[SECURITY] Fedora 29 Update: xen-4.11.1-4.fc29

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

The vulnerability of the union data structure interpretation in Xen hypervisors, related to background data corruption, allows attackers to cause service failures or increase their privileges within the system.

The vulnerability of the union data structure interpretation in Xen hypervisors is related to errors during data underpressure situations. Exploiting this vulnerability can allow attackers to cause service failures or increase their privileges within the system...

Amazon Linux 2 : kernel (ALAS-2019-1165)

A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvmioctlcreatedevice, the device holds a reference to a VM object, later this reference is transferred to the caller's file descriptor table. If suc...

Important: kernel

Issue Overview: A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor implements its device control API. While creating a device via kvmioctlcreatedevice, the device holds a reference to a VM object, later this reference is transferred to the caller's file descript...

PT-2019-2188 · Intel +7 · Intel Microprocessors +11

Name of the Vulnerable Software and Affected Versions: Intel microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Description: The issu...

PT-2019-2190 · Intel +8 · Intel Microprocessors +12

Name of the Vulnerable Software and Affected Versions: Intel Microprocessors affected versions not specified vCenter Server affected versions not specified ESXi affected versions not specified Workstation affected versions not specified Fusion affected versions not specified Description: The issu...

Amazon Linux AMI : kernel (ALAS-2019-1165)

A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested =1 virtualization is enabled. This high resolution timerhrtimer runs when a L2 guest is active. After VM exit, the syncvmcs12 timer object is stopped. The...

openSUSE Security Update : the Linux Kernel (openSUSE-2019-274)

The openSUSE Leap 42.3 kernel was updated to 4.4.175 to receive various bugfixes. The following security bugs were fixed : - CVE-2018-5391: Fixed a vulnerability, which allowed an attacker to cause a denial of service attack with low rates of packets targeting IP fragment re-assembly. bsc1103097 ...

Security update for the Linux Kernel (important)

openSUSE Security Update: Security update for the Linux Kernel Announcement ID: openSUSE-SU-2019:0274-1 Rating: important References: 1012382 1020413 1031492 1042286 1050549 1078355 1086095 1086652 1099810 1103097 1105428 1106061 1106929 1116345 1117108 1117645 1117744 1120017 1120758 1120902...

Important: kernel

Issue Overview: A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested =1 virtualization is enabled. This high resolution timerhrtimer runs when a L2 guest is active. After VM exit, the syncvmcs12 timer object is...

How to pin Citrix Hypervisor Virtual CPUs to specific Physical CPUs

Citrix Hypervisor maps vCPUs to pCPUs by default in a semi-even way to distribute VM load on the host. In some cases it may be needed to have a specific mapping, for example, if some VMs will be CPU intensive while other wont, the intensive VMs can be mapped to exclusive physical CPUs while the...

MGASA-2019-0098 Updated kernel-linus packages fix security vulnerabilities

This kernel-linus update is based on the upstream 4.14.100 and fixes at least the following security issues: Cross-hyperthread Spectre v2 mitigation is now provided by the Single Thread Indirect Branch Predictors STIBP support. Note that STIBP also requires the functionality be supported by the...

MGASA-2019-0097 Updated kernel packages fix security vulnerabilities

This kernel update is based on the upstream 4.14.100 and fixes at least the following security issues: A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested=1 virtualization is enabled. In nestedgetvmcs12pages, in case of an error...

Citrix Hypervisor Cannot Boot VM - Inaccessible_boot_device

After booting the VM an "Inaccessible Boot Device" error appears. The error may also appear as "The boot selection failed because a required device is inaccessible". This may be a critical VM that needs to be restored fast...

CentOS 6 : spice-server (CESA-2019:0232)

An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

spice security update

CentOS Errata and Security Advisory CESA-2019:0232 An update for spice-server is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

CVE-2019-7221

A use-after-free vulnerability was found in the way the Linux kernel's KVM hypervisor emulates a preemption timer for L2 guests when nested =1 virtualization is enabled. This high resolution timerhrtimer runs when a L2 guest is active. After VM exit, the syncvmcs12 timer object is stopped. The...

Oracle Linux 6 : spice-server (ELSA-2019-0232)

The remote Oracle Linux 6 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2019-0232 advisory. - Fix off-by-one error during guest-to-host memory address conversion Resolves: CVE-2019-3813 - Prevent potential buffer/integer overflows with invalid...

RHEL 6 : spice-server (RHSA-2019:0232)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2019:0232 advisory. The Simple Protocol for Independent Computing Environments SPICE is a remote display protocol for virtual environments. SPICE users can access a...

macOS and Mac OS X Multiple Vulnerabilities (Security Update 2019-001)

The remote host is running Mac OS X 10.12.6 and is missing a security update. It is therefore, affected by multiple vulnerabilities in the following components: - CoreAnimation - Hypervisor - Intel Graphics Driver - IOKit - Kernel - libxpc - QuartzCore C Tenable Network Security, Inc...